Detections
Analytics

CVE-2008-5982

critical

Description

Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute arbitrary code via format string specifiers in an invalid version number to TCP port 3181, which are not properly handled when writing a log message.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/47175

http://www.zerodayinitiative.com/advisories/ZDI-08-082/

http://www.vupen.com/english/advisories/2008/3379

http://www.securitytracker.com/id?1021361

http://www.securityfocus.com/bid/32692

http://www.securityfocus.com/archive/1/499013/100/0/threaded

http://secunia.com/advisories/33049

Details

Source: Mitre, NVD

Published: 2009-01-27

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.12035